Related companies

The Spam Report, January 2009

2009 is expected to be a difficult year as spammers look at devious new ways to further their own agenda

By Vineetha Menon

Sun 11 Jan 2009 09:00 AM

2009 is expected to be a difficult year as spammers look at devious new ways to further their own agenda.

While the McColo shutdown last year reduced levels of spam by nearly half worldwide, the latest spam report by Symantec shows that spam has already crept back up to 80% of pre-McColo shutdown levels with the resurrection of old botnets and the creation of several new ones.

Internet and web-related spam such as the promotion of web hosting or computer software accounted for 24% of all spam globally this month, followed by leisure spam at 18%.

The recent holiday season predictably saw a rise in greeting card spam, each containing a malicious URL link that users were requested to access in order to view their card. When clicked, the URL link delivers malware that infects a recipient’s machine and allows it to become part of a botnet.

Botnets can be responsible for both sending similar spam messages, and also hosting the websites that cause malware to spread. In August 2007, e-card spam accounted for nearly 15% of all spam attacks.

One of the most dangerous trends observed involves spammers targeting the ongoing economic downturn and widespread recession in the US, which is now threatening to spread to other parts of the world.

Subject lines such as ‘Recession Solution for Debt’, ‘Turn the bad economy into $$$ in your pocket’ or ‘Survive the Recession; earn 500 dollars or more a week!’ are enticing victims with the promise of work-from-home schemes. This allows the spammers to obtain personal information from many people who hard on their luck at the moment.

It’s not limited to just the United States though as such e-mails have even been reported in a variety of languages, including Chinese.

Another worrying trend uses our love for social networking to get a spammer’s message across. These attacks not only threaten to damage the reputation of certain social networking sites, but also indirectly affect its popularity.

As with other types of phishing messages, they are crafted to look like they are coming from a specific, legitimate organization and are then targeted towards members of that organization.

In an instance reported, the spam message was crafted to closely mimic the legitimate notification of emails often distributed by this particular site. The reader is asked to click on the link in the email, which takes them to a real group created on the social networking site by the scammer.

The group then links to a free blogging site as an intermediary to redirect end users to the ultimate destination URL. Once the user gets to the destination URL they are requested to fill out a form, allowing spammers to collect personal information.

So far many of the messages observed use the same social networking group. Experts believe this might be because it was a random experiment by a spammer or that the creation of multiple groups associated to different accounts could be too time-consuming.

With millions of people logging on to social networking websites every single day, it’s the perfect opportunity for spammers to cast a large web to bait the most victims.